<?php
if ($_REQUEST['profilepic']) {
	$profilepic	=	escapestr($_REQUEST['profilepic']);	
	$query =  "UPDATE users set photo=$profilepic where id=$id"; 
	$result = mysql_query($query);  
	$SITE_MIDDLE .= FormatELement(GetLangString ($lang,"txt_profilepic"),GetLangString ($lang,"msg_profilepicset")); 		




} else 
if ($_REQUEST['delete']) {
	$deletephoto	=	escapestr($_REQUEST['delete']);	

	$query   = "select * from photos where id=$deletephoto and owner=$id" ;
	$result  = mysql_query($query);
	if ($imgdata = mysql_fetch_array($result)) {
		$filename = "users/$name/photos/".$imgdata['time'];
		$query  = "DELETE from photos where id=$deletephoto and owner=$id";		
		$result  = mysql_query($query);
		if ($result) 	{
			unlink($filename);
			$query  = "DELETE from privatephotos where photo=$deletephoto";		
			$result  = mysql_query($query);
			$SITE_MIDDLE .= FormatELement(GetLangString ($lang,"txt_delete"),GetLangString ($lang,"msg_photodeleted")); 		
		}	else {
			$SITE_MIDDLE .= FormatELement(GetLangString ($lang,"txt_error"),GetLangString ($lang,"msg_dberror"));		
		}	
	} 
}

//---- begin public photos
		
		$query      = "SELECT * from `photos` where `owner`='$id' and `access`='0'";

		$result 		=	 mysql_query($query);
		if (mysql_num_rows($result)) {
			while ($photoinfo = mysql_fetch_assoc($result)){

			$photos =      "<div class=\"userthumb\"><a href=\"/index.php?do=viewphoto&photo_id=".$photoinfo['id']."\">
											<img border=\"0\" src=\"index.php?do=getphoto&square=1&size=100&id=".$photoinfo['id']."\" title=\"".
											$photoinfo['title']."\"></a><br><a href=\"/index.php?do=photomanager&delete=".$photoinfo['id']."\">".
											GetLangString($lang, "txt_delete")."</a><br><a href=\"index.php?do=photomanager&profilepic=".$photoinfo['id']."\">".
											GetLangString($lang, "txt_setprofilepic")."</a>

</div>$photos";						}
		$SITE_MIDDLE .= FormatElement ( GetLangString ( $lang, "txt_publicphotoalbum" ) ,  GetLangString ( $lang, "msg_publicphotoalbum" ) . "<br>$photos"); 
		unset($photos);		
		} else {
			$SITE_MIDDLE .= FormatElement ( GetLangString ( $lang, "txt_publicphotoalbum" ) ,  GetLangString ( $lang, "msg_publicphotoalbumempty" ));
		} 
		

//---- begin friend photos
		$query      = "SELECT * from `photos` where `owner`='$id' and `access`='1'";
		$result 		=	 mysql_query($query);
		if (mysql_num_rows($result)) {
			while ($photoinfo = mysql_fetch_assoc($result)){

			$photos =      "<div class=\"userthumb\"><a href=\"/index.php?do=viewphoto&photo_id=".$photoinfo['id']."\">
											<img border=\"0\" src=\"index.php?do=getphoto&square=1&size=100&id=".$photoinfo['id']."\" title=\"".
											$photoinfo['title']."\"></a><br><a href=\"/index.php?do=photomanager&delete=".$photoinfo['id']."\">".GetLangString($lang, "txt_delete")."</a></div>$photos";			
			}
			$SITE_MIDDLE .= FormatElement ( GetLangString ( $lang, "txt_friendphotoalbum" ) ,  GetLangString ( $lang, "msg_friendphotoalbum" ) . "<br>$photos");
		} else {
			$SITE_MIDDLE .= FormatElement ( GetLangString ( $lang, "txt_friendphotoalbum" ) ,  GetLangString ( $lang, "msg_friendphotoalbumempty" ));
		} 
		unset($photos);
// /* ---- begin private photos 

		$query      = "SELECT * from `photos` where `owner`='$id' and `access`='2'";

		$result 		=	 mysql_query($query);
		if (mysql_num_rows($result)) {
			while ($photoinfo = mysql_fetch_assoc($result)){
			$photos =      "<div class=\"userthumb\"><a href=\"/index.php?do=viewphoto&photo_id=".$photoinfo['id']."\">
											<img border=\"0\" src=\"index.php?do=getphoto&square=1&size=100&id=".$photoinfo['id']."\" title=\"".
											$photoinfo['title']."\"></a><br><a href=\"/index.php?do=photomanager&delete=".$photoinfo['id']."\">".GetLangString($lang, "txt_delete")."</a></a><br><a href=\"/index.php?do=privatephoto&id=".$photoinfo['id']."\">".GetLangString($lang, "txt_manageprivatephoto")."</a>
</div>$photos";				

			}
		$SITE_MIDDLE .= FormatElement ( GetLangString ( $lang, "txt_privatephotoalbum" ) ,  GetLangString ( $lang, "msg_privatephotoalbum" ) . "<br>$photos");
		} else {
			$SITE_MIDDLE .= FormatElement ( GetLangString ( $lang, "txt_privatephotoalbum" ) ,  GetLangString ( $lang, "msg_privatephotoalbumempty" ));
		} 




?>
